<?php
if (isset($_SESSION['admin-login'])) {
	if (isset($_SESSION['status-account'])) {
		echo "<p>".$_SESSION['status-account']."</p>";
		unset($_SESSION['status-account']);
	}
	?>
	<form action="<?php echo site()."/".$param[0] ?>/account-action" method="post" onsubmit="return validateAccount()">
		Username baru: <input type="text" name="ubaru" value="<?php echo $_SESSION['admin-login']; ?>" /><br />
		Password lama: <input type="password" name="plama" /><br />
		Password baru: <input type="password" name="pbaru" /><br />
		Konfirm password baru: <input type="password" name="cbaru" /><br />
		<input type="submit" name="submit" value="Submit" />
	</form>
	<script type="text/javascript">
		function validateAccount() {
			var body = document.getElementsByTagName("body")[0];
			var form = document.getElementsByTagName("form")[0];
			var ubaru = form["ubaru"].value;
			var plama = form["plama"].value;
			var pbaru = form["pbaru"].value;
			var cbaru = form["cbaru"].value;
			var status = document.getElementsByTagName("p")[0] || document.createElement("p");
			if (ubaru.length == 0 || plama.length == 0 || pbaru.length == 0) {
				status.innerHTML = "Semua input harus diisi";
				body.insertBefore(status,form);
			} else if (ubaru.length > 10 || pbaru.length > 10) {
				status.innerHTML = "Username dan password maksimal 10 karakter";
				body.insertBefore(status,form);
			} else if (!ubaru.match(/^[0-9a-zA-Z]+$/) || !pbaru.match(/^[0-9a-zA-Z]+$/)) {
				status.innerHTML = "Username dan password hanya boleh huruf dan angka";
				body.insertBefore(status,form);
			} else if (pbaru != cbaru) {
				status.innerHTML = "Password dan konfirmasi password harus sama";
				body.insertBefore(status,form);
			} else {
				if (document.getElementsByTagName('p')[0])
					body.removeChild(document.getElementsByTagName('p')[0]);
				return true;
			}
			return false;
		}
	</script>
	<?php
} else {
	$_SESSION['status-login'] = "Log in terlebih dahulu untuk melanjutkan";
	header("Location: ".site()."/".$param[0]."/login");
}
?>